Keeping Your Website Safe

Today we talk about malware (a virus on your website). You are going to have a hard time growing your audience if they are afraid of coming to your site. Special thanks to Ms. Ilene of basic blog tips for pointing out that one of my sites had an issue (which has since been fixed).

Here is the advice I got from my web hosting company:

Upon investigation, we removed a set of malicious injections and scripts and traced it to a compromised FTP password.

From our experience with malware of this nature, the user account passwords are compromised though viruses/malware located on your local computer. This malware sniffs out passwords used and stored by FTP programs or e-mail clients. In order to protect against future attack, you will need to run full virus and malware scans on your computers to ensure that they are clean. I recommend using multiple scanners as we have found that some scanners do not detect the malware. Malware Bytes ( http://www.malwarebytes.org/ ) and ComboFix ( http://www.bleepingcomputer.com/combofix/how-to-use-combofix ) have been reported to be able to clean this malware. It is highly suggested that you also do the following:

* Any computers legitimately allowed to access the account must be updated fully (Windows updates, browser updates, application updates, anti-virus updates) * Any computers legitimately allowed to access the account must be completely scanned for viruses and secured completely

Sucuri Can Help Detect and Clean Malware

According to an article from the Sucuri company (a great service that will detect and clean up malware for you ). Here are some things you can do:

1. Keep EVERYTHING up to date. This means your computer, your virus detection software, your browser, your wordpress, etc. Everything. These are often programs that get your passwords from FTP programs, and then use them to get into your control panel.

2. Don’t forget about those “test sites” you started and left for dead. Those outdated sites can be a crack in the security.

3. Don’t give someone administrator rights if they are just going to be and editor. Once their job is done, delete their account.

4. Come up with a better than average password. I use Last Pass to manage my password (and even think them up).

Smallest Podcasting Rig

I just bought a cable that allows my to plug my Audio Technica 2100 into my Roland R-05 recorder. If you are a person who is going to be podcasting “On the Road” this is an easy way to get a great inexpensive podcasting microphone connected to a rugged easy to use recorder.

Managing Multiple Websites wit Manage WP

If you have more than one podcast (With each one having its own website), Managewp makes it super easy to do things like upgrade your plugins, your themes, etc on all of your websites from one login. It can monitor to see if you have malware on your website (it doesn’t clean it, but it alerts you so you could alert your website hosting company). If you have multiple sites, its a HUGE time saver. It also can check to see if you have malware on your site (it won’t fix it, but you could contact your hosting company and they will clean it for you).